selinux: properly handle multiple messages in selinux_netlink_send()
Paul Moore authored
commit fb739741

 upstream.

Fix the SELinux netlink_send hook to properly handle multiple netlink
messages in a single sk_buff; each message is parsed and subject to
SELinux access control.  Prior to this patch, SELinux only inspected
the first message in the sk_buff.

Cc: stable@vger.kernel.org
Reported-by: default avatarDmitry Vyukov <dvyukov@google.com>
Reviewed-by: default avatarStephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
eeef0d9f
Name Last commit Last update
..
apparmor apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock
integrity efi: Only print errors about failing to get certs if EFI vars are found
keys KEYS: Avoid false positive ENOMEM error on key read
loadpin proc/sysctl: add shared variables for range check
lockdown efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
safesetid LSM: SafeSetID: Stop releasing uninitialized ruleset
selinux selinux: properly handle multiple messages in selinux_netlink_send()
smack broken ping to ipv6 linklocal addresses on debian buster
tomoyo tomoyo: Use atomic_t for statistics counter
yama proc/sysctl: add shared variables for range check
Kconfig Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Kconfig.hardening Merge tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Makefile security: Add a static lockdown policy LSM
commoncap.c Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
device_cgroup.c docs: cgroup-v1: add it to the admin-guide book
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
lsm_audit.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license
security.c Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security